Hey all,
I have a little issue with getting DNS working correctly when a user connects through the WireGuard VPN. At our local site we have a WireGuard server running behind our FortiGate firewall. Our LAN is using 192.168.0.0/22 and the WireGuard LAN is 192.168.100.0/24.
To get it up and running I have set up a virtual IP from our public IP to the IP of the WireGuard server on our LAN, with port forwarding for the listen port. For access to the LAN I have created a static route from 192.168.0.0 to 192.168.100.0 using the WireGuard server IP as the gateway. I have also created a policy so the traffic is handled correctly.
The tunnel is working and a user can connect to the WireGuard server and ping our LAN devices. However, DNS is not working. In the WireGuard client I have set up DNS to 192.168.0.100 and 192.168.0.101, but that doesn't seem to be working. Does anyone know how I can get DNS to work properly in this situation? Is there anything else I have to configure on the FortiGate?
Hi Team,
If you are able to access the servers through ping, you will be able to access them through DNS as well.
Please execute this command in the WireGuard client:
nslookup
See which DNS server it shows in the command prompt.
Also, try installing Wireshark on the client machine and see which server the packets are going to.
That should isolate the issue.
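As an added example (not part of the thread), a small Python check for one client-side cause worth ruling out when ping works but DNS does not: the DNS servers named in the client config are not covered by any AllowedIPs prefix, so the queries never enter the tunnel. The config below is constructed to mirror the thread's addressing; the keys and endpoint are placeholders.

```python
import ipaddress

# Constructed WireGuard client config mirroring the thread's addressing (LAN 192.168.0.0/22
# holding the DNS servers, tunnel 192.168.100.0/24). Keys/endpoint are placeholders.
SAMPLE_CONF = """
[Interface]
PrivateKey = <client-private-key-placeholder>
Address = 192.168.100.2/24
DNS = 192.168.0.100, 192.168.0.101

[Peer]
PublicKey = <server-public-key-placeholder>
Endpoint = vpn.example.invalid:51820
AllowedIPs = 192.168.0.0/22, 192.168.100.0/24
"""

def parse_wg_conf(text):
    """Collect the comma-separated values of the keys this check needs."""
    conf = {"Address": [], "DNS": [], "AllowedIPs": []}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments, skip blanks/sections
        if "=" not in line or line.startswith("["):
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key in conf:
            conf[key].extend(v.strip() for v in value.split(",") if v.strip())
    return conf

def dns_in_tunnel(conf):
    """True per DNS server if an AllowedIPs prefix covers it, i.e. queries enter
    the tunnel; False means they go out the normal uplink and never reach the LAN."""
    allowed = [ipaddress.ip_network(p, strict=False) for p in conf["AllowedIPs"]]
    return {srv: any(ipaddress.ip_address(srv) in net for net in allowed)
            for srv in conf["DNS"]}

def findings(conf):
    """Next step per DNS server, given the reply's ping-works-but-DNS-fails picture."""
    out = []
    for srv, routed in dns_in_tunnel(conf).items():
        if routed:
            out.append(f"{srv}: routed via tunnel; check the firewall policy from "
                       f"{', '.join(conf['Address'])} to {srv} allows UDP/TCP 53 and "
                       "that the server accepts queries from the tunnel subnet")
        else:
            out.append(f"{srv}: not in AllowedIPs; add a covering prefix to the client")
    return out

if __name__ == "__main__":
    for line in findings(parse_wg_conf(SAMPLE_CONF)):
        print(line)
```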
Copyright 2024 Fortinet, Inc. All Rights Reserved.